Remove WKContextClearResourceCaches and WKContextClearApplicationCache in favor
of their more modern counterparts WKResourceCacheManagerClearCacheForAllOrigins
and WKApplicationCacheManagerDeleteAllEntries.

Expand clearing functionality of WKResourceCacheManager by adding type of resources
to clear.

This is a first cut at ruby overhang. It allows ruby text to hang over other
text of equal or smaller size. Two notable omissions are that max preferred
width computation was not patched, so it will overshoot, and that overhang
ignores the width of the adjoining text runs.

rendering/RenderBlock.h:

rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Adjust margins
of ruby runs for overhang.
(WebCore::RenderBlock::fitBelowFloats): Maintain the increase in line width to
compensate for overhang.
(WebCore::RenderBlock::findNextLineBreak): When encountering
a ruby run, increase the line width to account for the fact that overhang will be
collapsed.

rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::getOverhang): Added. Allows ruby to overhang if
the adjoining renderer is text with equal or smaller font size.

(WebCore::ResourceRequest::doUpdateResourceRequest): Switched to
use toResourceLoadPriority().
(WebCore::ResourceRequest::doUpdatePlatformRequest): Switched to
use toHTTPPipeliningPriority(). Moved
shouldForceHTTPPipeliningPriorityHigh() check into the argument
of toHTTPPipeliningPriority() instead of hard-coding a
now-incorrect value.

Updated expectations due to shadow structure chagne.
Also updated meter-styles.html pixel result because the render tree is now laid out
as normal flexboxes and its layout result is actually different,
especially if there are non-zero borders on shadow elements.

Eliminated a large part of <meter> custom layout code,
which is replaced by a shadow tree.
Note that the shadow tree is created on construction time and
will remain during the host HTMLMeterElement lifecycle.

Move isContentEditable from HTMLElement to Node. Thus, Node provides two functions for
checking editability: rendererIsEditable and isContentEdiable. The former is a fast path,
which does NOT trigger layout and only checks the render style of usermodify. The latter
updates the layout first to make sure the render style syncs with DOM contenteditable
attribute. Certain call sites that need to call isContentEditable rather than rendererIsEditable
are also updated in the patch. But a complete fix will follow up in bug 57244.

This patch fixes all the failed layout tests related to set contenteditable.

Updated expectations due to shadow structure chagne.
Also updated meter-styles.html pixel result because the render tree is now laid out
as normal flexboxes and its layout result is actually different,
especially if there are non-zero borders on shadow elements.

Eliminated a large part of <meter> custom layout code,
which is replaced by a shadow tree.
Note that the shadow tree is created on construction time and
will remain during the host HTMLMeterElement lifecycle.

platform/graphics/gtk/GraphicsContext3DInternal.cpp: Added.
(sharedDisplay): Added this shared display which is required by some
display drivers.
(WebCore::activeGraphicsContexts): This method keeps track of all active GraphicsContext3D
contexts, in order to clean them up at exit. This prevents crashes on certain OpenGL drivers.
(WebCore::GraphicsContext3DInternal::addActiveGraphicsContext): Ditto.
(WebCore::GraphicsContext3DInternal::removeActiveGraphicsContext): Ditto.
(WebCore::GraphicsContext3DInternal::cleanupActiveContextsAtExit): Ditto.
(WebCore::GraphicsContext3DInternal::create): Figure out the best way to create an OpenGL
context given the current environment.
(WebCore::GraphicsContext3DInternal::createPbufferContext): Pbuffer context initializer.
(WebCore::GraphicsContext3DInternal::createPixmapContext): Pixmap context initializer.
(WebCore::GraphicsContext3DInternal::GraphicsContext3DInternal): Initial implementation.
(WebCore::GraphicsContext3DInternal::~GraphicsContext3DInternal): Ditto.
(WebCore::GraphicsContext3DInternal::makeContextCurrent): Ditto.

interpreter/RegisterFile.h:
(JSC::RegisterFile::GlobalObjectOwner::finalize):
(JSC::RegisterFile::RegisterFile): Replaced GlobalObjectNotifier with
a per-RegisterFile weak handle owner, which does not leak.

runtime/WeakGCPtr.h:
(JSC::WeakGCPtr::set): Allow set() to take a context argument, since
RegisterFile now needs this. (Seems like it was an accidental omission
all along.)

This patch changes FAST_MALLOC_MATCH_VALIDATION with a general
corruption check that tags the beginning and end of all allocations
to check for write overflows and overwrites the contents of
memory on free in order to (hopefully) show up use-after-free issues
sooner.

Also renamed noFinalizer => emptyWeakOwner, since this is really an
optimization for a weak owner with empty callbacks.

collector/handles/HandleHeap.cpp:
(JSC::HandleHeap::clearWeakPointers): Updated for renames. Removed
redundant initialization of m_nextToFinalize. Moved deletion check inside
weak owner check, since the weak owner can't delete the node if there is
no weak owner!

Add WebContext::sendToAllProcesses and WebContext::sendToAllProcessesRelaunchingThemIfNecessary
as a first step towards getting rid of WebContext::process() and getting rid of a class of crashers
where WebContext::process() is null.

(WebKit::WebContext::stopMemorySampler):
Use sendToAllProcesses. This is a slight policy change where we now create a sandbox extension even
if there's no process around. Since this is a debugging tool it seems OK to do this.

UIProcess/WebContext.h:
Get rid of hasValidProcess.

(WebKit::WebContext::sendToAllProcesses):
If we have a process and we can send messages to it, then do so.

(WebKit::WebContext::sendToAllProcessesRelaunchingThemIfNecessary):
Relaunch the web process and send the message.

AppKit does not retain the owner given to the pasteboard, therefore we
need to give the ownership of the retained pointer to NSPasteboard.
Also, dragImage will release the NSFilePromiseDragSource object, therefore
we retain it before calling dragImage to be able to control its lifetime.

WebProcess/WebCoreSupport/mac/WebDragClientMac.mm:

(WebKit::WebDragClient::declareAndWriteDragImage): Passing ownership
of the pointer to AppKit when providing the owner pointer to the NSPasteboard
object.

WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::platformDragEnded): Retaining the NSFilePromiseDragSource
since dragImage will release it.

(For manual test, load a non-existent html first, then load
fast/history/resources/check-scroll-position.html, then go
back and go forward. If it doesn't show "SUCCESS" at the bottom
of the page, your browser has failed the test)

http/tests/plugins/resources/dump-post.pl: Instead of just printing out the "keywords" parameter,
print out the POSTDATA parameter as well. Printing "keywords" did not seem to work on the version of
Apache/Perl/CGI that existed on my machine. According to the Perl CGI module documentation
using 'POSTDATA' is the correct way to print the entire POSTDATA for more recent versions of the
module.

webkit/webkitwebview.cpp:
(getLocationForKeyboardGeneratedContextMenu): Added this helper which calculates
the context menu position.
(webkit_web_view_popup_menu_handler): Simplify code preventing the menu from bumping
into the edges of the view. Remove (0,-1) hack as it no longer seems to be important.

unicode-bidi is a CSS concept. However the same concept is really needed throughout
the bidi code in platform as well. So I'm moving the enum to platform.
The only part of the enum which doesn't make much sense to platform/ is "normal".

Platform/gtk/RunLoopGtk.cpp:
(RunLoop::~RunLoop): Make sure main loop is currently running
before calling g_main_loop_quit(), RunLoop::stop() might have been
called.
(RunLoop::wakeUp): Use an idle source with default priority
instead of a timeout one with a 0 interval.
(RunLoop::TimerBase::clearTimerSource): New method to clear the
timer.
(RunLoop::TimerBase::destroyNotifyCallback): Destroy notify
callback called when the source is destroyed to clear the timer.
(RunLoop::TimerBase::timerFiredCallback): Use the same callback for
repeating and no repeating timers.
(RunLoop::TimerBase::start): g_source_attach() increments the
source reference counter, so use GRefPtr to make sure the source
is freed.
(RunLoop::TimerBase::stop): Use clearTimerSource().

inspector/InjectedScriptManager.cpp:
(WebCore::InjectedScriptManager::createForPage):
(WebCore::InjectedScriptManager::createForWorker):
(WebCore::InjectedScriptManager::InjectedScriptManager): access check function is passed as a parameter to the constructor
and it depends on which type of context we're inspecting(worker or page).
(WebCore::InjectedScriptManager::canAccessInspectedWorkerContext):

The crash happens because resetting the page scale as part of preparing the WebView for the
next test triggered layout, which in turn caused a plug-in to make a resource request, and
DumpRenderTree's delegate to be dispatched. The delegate doesn't expect to be called between
tests, and it references the layout test controller, which is null.

page/Frame.cpp:

(WebCore::Frame::scalePage): Avoid an unnecessary layout if the page scale isn't changing. This
is more efficient, and has the side effect of avoiding the crash in DumpRenderTree, although
DumpRenderTree could still crash when after a test with disabled plug-ins and a non-1 page scale.
I think there are currently no such tests, so I am not fixing DumpRenderTree.

The bug was caused by WebKit's not checking the existence of root editable element
in enabled* functions. Although isContentEditable returns true whenever we're in design mode,
we should not run editing commands in a document without a body element editable because
doing so results in appending a non-body element to the document node.

Fixed the bug by modifying various enabled* functions to ensure we have a root editable element.
New behavior tries to match that of Firefox except StyleWithCSS, which Firefox seems to ignore
when there are no body element. Since StyleWithCSS is a document's state or property, we allow
execCommand('StyleWithCSS') even in a document without a body element.

WebKit's and Firefox's behaviors also deviate in insert-image-with-selecting-document.html.
Whereas WebKit respects selection set by script and ignores execCommand, Firefox modifies
the selection when document.write("x") is ran and successfully inserts image.

Thus, empty-document-delete.html and empty-document-justify-right.html both pass on Firefox
while empty-document-stylewithcss.html and insert-image-with-selecting-document.html both fail.

Since Internet Explorer does not allow execCommand to run under design mode properly, we could
not test its behavior.

editing/Editor.cpp:
(WebCore::Editor::canEdit): Verify that the root editable element exists
instead of just checking that selection endpoints are editable because
selection endpoints could be document node without a body element in design mode
and we don't want to consider such a document editable.
(WebCore::Editor::canDelete): Ditto.

editing/EditorCommand.cpp:
(WebCore::enabledInEditableText): Ditto.
(WebCore::enabledInRichlyEditableText): Ditto.
(WebCore::enabledDelete): Call enabledCut and enabledInEditableText instead
of duplicating the code in order to fix the same bug.

Added tests to ensure WebKit does not crash when attempted to execute editing commands
in an empty document. Also added a test to ensure WebKit does not crash when InsertImage
is executed with selection endpoints being document. WebKit should ignore such attempts
and should not crash.

r82786 exposed an incorrect assumption inRenderMediaControlTimeDisplay::layout()
that the timeline container is the parent of the time display. This is not true
with the GTK media style, where the current time display is an inline box, and
thus wrapped in an anonymous flexible box. The code was incorrectly considering
the width of the anonymous box and deciding to hide the time display. Prior tor82786, this mistake was corrected by the call to computeLogicalWidth() in line layout.

Explicitly use icu namespace for ports building with U_USING_ICU_NAMESPACE=0

By default, ICU includes |using namespace icu;| in its header files
for backwards compatibility. Clients can define
U_USING_ICU_NAMESPACE=0 to tell ICU to not do this. Prefixing all ICU
classes with |icu::| makes this file compile no matter what
U_USING_ICU_NAMESPACE is set to.

(WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Removed a
call to computeLogicalWidth(). Because of <​http://webkit.org/b/57700>, this
actually prevents MathML rows from reverting to an incorrect width.

LayoutTests:

These updated expected results show progressions in MathML tests.
fast/table/colspanMinWidth-vertical results changed to show that text controls
still do not handle vertical writing modes correctly.

UIProcess/mac/WebPageProxyMac.mm:
(WebKit::WebPageProxy::speak):
(WebKit::WebPageProxy::searchWithSpotlight):
Moved code to trigger spotlight here. Use WTF::String -> NSString conversion function
instead of relying on the built in conversion since it doesn't always work in the UIProcess.

WebProcess/WebCoreSupport/mac/WebContextMenuClientMac.mm:
(WebKit::WebContextMenuClient::searchWithSpotlight):
Post message to the UIProcess to do the searching.

Include the name of the system certificate store that the client certificate came from in WKBundleSetClientCertificate().

The PCCERT_CONTEXT for the client certificate we create from the message from the UI process doesn't contain enough information to actually use it in a request, we need to get the real certificate from the certificate store (which is typically the "MY" store).

(WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Removed a
call to computeLogicalWidth(). Because of <​http://webkit.org/b/57700>, this
actually prevents MathML rows from reverting to an incorrect width.

LayoutTests:

These updated expected results show progressions in MathML tests.
fast/table/colspanMinWidth-vertical results changed to show that text controls
still do not handle vertical writing modes correctly.

Previously, we were using BeautifulSoup to process XML from
bugs.webkit.org, but that's incorrect. We should be using
BeautifulStoneSoup to process the XML. We were getting the &apos;
entity wrong because &apos; is an XML entity but not an HTML entity.

Fixed windows test failures.
Changed the fixed overhead value for ResourceResponse to 3800 bytes.
Modified ResourceResponse::platformLazyInit() to handle "base" level
attributes or all attributes. The base attributes, like URL, status
code, mime type and a few header fields (mostly cache related) are
suitable for most resources. This reduces the per resource memory
needs by over 1K bytes per resource thus saving memory in the cache.
Collectively, these two changes bring the overhead memory calculation
in line with reality.

No new tests added due to existing tests cover areas of change and
there is no functional change. The change is limited to reducing
memory usage along existing paths.

​https://bugs.webkit.org/show_bug.cgi?id=45855
Windowless plugins added dynamically to the DOM should receive paint events.
This is done by ensuring that the plugin widget is marked for painting when
it is added. Added a layout test which verifies that a dynamically added plugin
receives a paint event. This test has to be skipped on chromium mac/linux and
on gtk and qt as it relies on support for the displayInvalidatedRegion function
in the LayoutTestController

We apparently never implemented the code to skip tests based on
what was compiled into DRT. Also, change the logic used to skip
platform directories to match what old-run-webkit-tests does:
skip every test not in a directory in the baseline search path.

Rename the backend proxy files that didn't have Backend in their name.
Everything in WebKit should be in the WebKit namespace.
Put everything behind the feature flag so we're consistient.
Put the feature flag #if above includes.

Skip platform/mac/plugins/convert-point.html because it relies on code
that only exists in the test plugin for Apple's Mac port. We generally
ignore most of the tests in platform/mac, although we do run them to
detect crashes. In this case, however, the test does crash, but it
crashes in the test plug-in, which doesn't matter to us.

Apparently the V8 bindings have a bug when assigning undefined to a
boolean attribute. I've filed​https://bugs.webkit.org/show_bug.cgi?id=57669 about that issue, which
I'll address in another patch (obviously with a test). In the
meantime, this patch changes this test to test "false" instead of
"undefined".

Tied being weak to having a finalizer (or at least a finalizer sentinel).

collector/handles/HandleHeap.cpp:
(JSC::HandleHeap::clearWeakPointers): Removed the special self-destroying
flag. It was unused. If we bring it back, we'll probably use a shared
autodeallocating finalizer instead.

collector/handles/HandleHeap.h:
(JSC::HandleHeap::makeWeak): makeWeak and adding a finalizer are now
a single, atomic operation -- this makes the relationship between
finalizers and weak pointers clearer, and impossible to get wrong.

(JSC::HandleHeap::Node::Node):
(JSC::HandleHeap::Node::handleHeap): No more flags.

(JSC::HandleHeap::Node::makeWeak):
(JSC::HandleHeap::Node::isWeak): Ditto above. We use a special sentienl
value in the finalizer slot to indicate that a handle is weak but doesn't
require an external function call for finalization.

Implements support to programmatically allow and disallow frame resizing.

Currently, HTMLFrameElement::parseMappedAttribute() is hardcoded to disallow frame resize (i.e.
m_noResize = true) when either the noresize DOM attribute is specified (or existed at some
point in time) or the value of the noResize attribute is modified. Instead we should allow/disallow
frame resize depending on the presence of the noresize DOM attribute/the value of the noResize
attribute.

html/HTMLFrameElement.cpp:
(WebCore::HTMLFrameElement::HTMLFrameElement):
(WebCore::HTMLFrameElement::noResize): Made this a non-inline function since this
code path isn't performance critical.
(WebCore::HTMLFrameElement::attach): Removed code to inherit noresize attribute from
parent <frameset> since this functionality is part of RenderFrameSet::computeEdgeInfo().
(WebCore::HTMLFrameElement::parseMappedAttribute):

Changed the fixed overhead value for ResourceResponse to 3800 bytes.
Modified ResourceResponse::platformLazyInit() to handle "base" level
attributes or all attributes. The base attributes, like URL, status
code, mime type and a few header fields (mostly cache related) are
suitable for most resources. This reduces the per resource memory
needs by over 1K bytes per resource thus saving memory in the cache.
Collectively, these two changes bring the overhead memory calculation
in line with reality.

No new tests added due to existing tests cover areas of change and
there is no functional change. The change is limited to reducing
memory usage along existing paths.

This patch completes the cleanup of
rebaseline-chromium-webkit-tests to work with all of the
variants of a platform (we can now rebaseline gpu- and non-gpu
files at the same time).

When the rebaselining is complete, any lines declared as
REBASELINE in the expectations file that matches a test that was
actually rebaselined will be deleted, even if only one of the
variants was actually rebaselined. This may cause odd problems,
but is better than where we're at today.

This change removes the -g flag and deprecates -w. The -g flag is gone
because GPU baselines are handled just like any other variant.
The -w flag is deprecated because this tool now only works
against the canaries, since that's the only place we have a full
set of bots. It will be trivial to change this to
build.webkit.org if we decide that's where we want them to be.

Also, this patch deletes a lot of cruft that is no longer needed
in the test_expectations code and the port-specific code.

rebaseline-chromium-webkit-tests does not work correctly with
version-specific baselines. This patch updates the tool to use
all of the version-specific bots on the canaries, and will now
attempt to rebaseline all of the versions by default, although
it will not update both GPU and CPU versions.

Also, it will no longer modify the test_expectations.txt file
*at all*. You will have to manually delete the REBASELINE lines
after running the tool and determining that it did what you
wanted it to do. This should be fixed in a separate bug - see
webkit bug #55191.

It factors out a JavaClass interface which does not use JNI types.
This will allow the Java bridge to be used with objects that
don't use JNI directly. The existing jobject-backed
implementation is moved to a new JavaClassJobject class which
implements the interface.

This change does not need any test since it doesn't change anything
from the point of view of the consumers (Assistive Technoglogies).
It's just an internal change to simplify identifying HTML and ARIA
tables by calling to the AccessibilityObject::roleValue method.

Previously, we were getting the revision of the first revision that triggered a build.
Choosing the last revision would have been more accurate. But got_revision is what is used
everywhere else on build.webkit.org, and should work even when there were no changes that
triggered a build (e.g., if someone clicked the Force Build button).

(WebKit::LayerTreeHost::create): Create a LayerTreeHostCAMac on Mac, and LayerTreeHostCAWin
on Windows.

WebProcess/WebPage/ca/LayerTreeHostCA.cpp:

(WebKit::LayerTreeHostCA::LayerTreeHostCA): Moved some code from here...
(WebKit::LayerTreeHostCA::initialize): ...to here. This function will be called after the
constructor returns, and thus can safely call functions that are pure virtual in this class
and its base class. We now pass our LayerTreeContext to platformInitialize so that our
derived classes can initialize it.
(WebKit::LayerTreeHostCA::~LayerTreeHostCA): Removed Mac-specific code.

(WebKit::LayerTreeHostCA::invalidate):
(WebKit::LayerTreeHostCA::sizeDidChange):
(WebKit::LayerTreeHostCA::forceRepaint):
(WebKit::LayerTreeHostCA::didPerformScheduledLayerFlush):
Removed platform* calls. Derived classes can just override these functions to do what they
need.

(WebKit::LayerTreeHostCAMac::invalidate):
(WebKit::LayerTreeHostCAMac::sizeDidChange):
(WebKit::LayerTreeHostCAMac::forceRepaint):
(WebKit::LayerTreeHostCAMac::didPerformScheduledLayerFlush):
Renamed from platform*. Now call up to the base class.

Have MiniBrowser reference it's own copy of useragentlist.txt instead
of copying QtTestBrowser's.
Remove Tools/MiniBrowser/DerivedSources.pro
This reduces complexity in the Tools scripts due to Symbian limitations.

This test was flaky because the script and the import load would race.
By breaking down this test into two pieces, we can still see that the
parse-blocking loads happen before the non-blocking load (the img) but
we don't suffer flakiness.

A linefeed removal after a textarea tag is originally processed in WebCore::HTMLTextAreaElement::defaultValue().
But HTML5 tree builder now removes the linefeed. It means linefeed removal happens twice.
And devalutValue() removal is not needed anymore.

This class exposes the interface that LayerChangesFlusher and PlatformCALayer rely on.
CACFLayerTreeHost now derives from AbstractCACFLayerTreeHost. In the future, WebKit2's
LayerTreeHostCA will also derive from it (on Windows).

Java applets embedded with the object element sometimes use classid to
specify their main resource. When this is done, the classid is prefixed
with "java:". Treat these as supported classids in WebKit.

Test: java/embedding-java-with-object.html

html/HTMLObjectElement.cpp:
(WebCore::HTMLObjectElement::hasValidClassId): If the MIME type is a
Java Applet type and the classid starts with "java:", the classid
should be considered valid.

(WebCore::CGContextWithHDC):
(WebCore::GraphicsContext::releaseWindowsContext): Modified to use
new common routines.

platform/graphics/win/GraphicsContextCairoWin.cpp:

(WebCore::drawBitmapToContext): New common drawing implementation.
(WebCore::GraphicsContext::releaseWindowsContext): Modified to use
new common routines.
(WebCore::GraphicsContext::drawWindowsBitmap):

platform/graphics/win/GraphicsContextWin.cpp:

(WebCore::GraphicsContext::WindowsBitmap::WindowsBitmap): Modified
to use new DIBPixelData data type.

LayerChangesFlusher was reffing CACFLayerTreeHosts before calling out to them. This would
have protected us if calling out to one CACFLayerTreeHost could cause a different
CACFLayerTreeHost to be destroyed. But that isn't possible; each CACFLayerTreeHost is
associated with its own page, and flushing layer changes doesn't touch any other page. So it
isn't possible for a CACFLayerTreeHost to be deleted while another one is flushing layer
changes.

One benefit of this change is that it will make it easier to make LayerChangesFlusher
interact with a forthcoming abstract base class, rather than with CACFLayerTreeHost itself.

UIProcess/DrawingAreaProxyImpl.cpp:
(WebKit::DrawingAreaProxyImpl::visibilityDidChange):
If we become visible and have no backing store, make sure to call backingStoreStateDidChange
so that the next time we're asked to paint we'll wait for something to paint.

fast/loader/willSendRequest-null-for-preload.html: Need to call
setWilSendRequestReturnsNull() prior to invoking the preload scanner
while blocked on empty-script.js.

fast/preloader/scan-body-from-head-expected.txt: Added.

fast/preloader/scan-body-from-head.html: Added. Notice that in the
loaded resource output, the script and style are requested before the
image even though the image is first in the DOM. This means it was
queued up to wait for renderering rather than loaded immediately.

Previously, while parsing the head, no resources in the body would be
preloaded. After this patch, we will preload scripts and styles in the
body, although we continue to hold off on all images until the page is
first rendered.

To evaluate this change, I've recorded a sampling of 45 of alexa's top
sites and replayed them under simulated bandwidth conditions, loading
each 5-15 times until stddev is small enough.

Time to the load event improved at the overall average by 3%.
Most sites are unchanged, but sites with certain blocking patterns had
big wins -- ebay 19% (331ms), microsoft 15% (226ms), conduit 15% (277ms)
nytimes 7% (182ms).

Time to DOM content loaded event improved by 6% with some even bigger
individual wins.

First paint time held steady.

Note that I originally wanted to allow preloading of images while in the
head, but that regressed first paint time (even though it was better for
overall load time).

LayerRendererChromium now uses a RefPtr to preserve ownership of all
of the CCLayerImpl layers that it is using during the update/draw
pass. Addtionally, when a LayerChromium is destroyed, the weak
owner pointer from its CCLayerImpl is correctly unset.

Specify both FILE_MAP_READ and FILE_MAP_WRITE when creating a read-write SharedMemory object

When passed to ::MapViewOfFile, FILE_MAP_WRITE implies FILE_MAP_READ, but other file mapping
APIs don't work that way. This bug wasn't causing any problems in practice, but it would
have prevented us from creating a DIB that wraps a SharedMemory object (which I noticed
while working on another bug).

Fixes <​http://webkit.org/b/57576> File mappings used by read-write SharedMemory objects
aren't correctly marked as read-write after being sent over a CoreIPC::Connection

Reviewed by Brian Weinstein.

Platform/win/SharedMemoryWin.cpp:

(WebKit::accessRights): Specify FILE_MAP_READ in addition to FILE_MAP_WRITE for read-write
SharedMemory.

Speed up accelerated path drawing.​https://bugs.webkit.org/show_bug.cgi?id=57371
This CL does three things: re-uses the same vertex and index buffer
for all path draws, converts all vertex layouts from vec3 to vec2, and
does a convexity check for polygons before passing them to the
tesselator.

Covered by canvas/philip/tests/2d.path.bezierCurveTo.*, and others.

platform/graphics/chromium/GLES2Canvas.cpp:
Replace the Vector<double> for interpolated curves with a
Vector<FloatPoint>.
(WebCore::Cubic::evaluate):
Inline the evaluation function (as Quadratic does).
(WebCore::GLES2Canvas::GLES2Canvas):
Initialize the m_pathIndexBuffer.
(WebCore::GLES2Canvas::~GLES2Canvas):
Delete the path vertex and index buffers on destruction.
(WebCore::interpolateQuadratic):
(WebCore::interpolateCubic):
Interpolate directly to a Vector<FloatPoint>, rather than
Vector<double>.
(WebCore::PolygonData::PolygonData):
(WebCore::combineData):
Replace the DoubleVector with a FloatPointVector.
(WebCore::GLES2Canvas::tesselateAndFillPath):
Move curve drawing into this function, and rename it to reflect the
new behaviour. Re-use the common vertex and index buffers. If the
curve consists of a single convex polygon, draw the curve as a single
triangle fan. Otherwise, convert it to doubles and pass it to the
tesselator.
(WebCore::GLES2Canvas::fillPathInternal):

WebView/WebHTMLView.mm:
(-[WebHTMLView _handleStyleKeyEquivalent:]): Handle the case where WebView is
nil rather than asserting that it is non-nil. One case where WebView will be nil
is when the frame is closed, but in any case where it is nil, the correct thing
to do is to not try to handle the style key.

Optimize overflow computations on lines to avoid allocating RenderOverflows in nearly all cases and to avoid even having
to check the line for overflow in the first place.

For the purposes of overflow computation, an inline object's default containment box for overflow is now assumed to extend
all the way from lineTop to lineBottom instead of snugly fitting the inline object's own block dimensions. This allows
replaced objects to be inside spans without triggering overflow allocation.

The overflow accessors on InlineFlowBox have been changed to require passing in the lineTop and lineBottom so that the block
dimensions can be forced to those values. Because these values are checked during painting and hit testing of lines, the
lineTop and lineBottom are now passed as arguments to the painting and hit testing functions to avoid repeatedly crawling
back up to the root box to fetch them.

Added a new boolean flag to all InlineBoxes, knownToHaveNoOverflow(), and optimized for common cases where no overflow can
possibly be present. When the bit is set, computeOverflow will just immediately return.

Some linkers, like GNU Gold, require explicit linkage of all the
libraries used instead of relying on our dependencies to bring
them in. In this case, the build fails because we use XRender in
the plugin code but don't link directly to it.

Make ContainerNode::insertIntoDocument() collect all nodes before
operating on any of them. Add small helper function and use it
througout the file where this action is already taking place.​https://bugs.webkit.org/show_bug.cgi?id=57265

(WebKit::FindController::countStringMatches):
Use the same technique as findString() to report kWKMoreThanMaximumMatchCount when appropriate.
(WebKit::FindController::findString):
Convert numeric_limits::max() to max() - 1 to avoid overflow case.

Follow Firefox's convention in Windows,
In LTR block, word break visually moves cursor to the left boundary of words,
In RTL block, word break visually moves cursor to the right boundary of words.

This is the 1st version of implementing "move caret by word in visual order".
It only works in the following situation:

For a LTR box in a LTR block or a RTL box in RTL block,
when caret is at the left boundary of the box and we are looking for
the word boundary in right.

For a LTR or RTL box in a LTR block, when caret is at the left boundary
of the box and we are looking for the word boundary in left and
previous box is a LTR box.

For a LTR or RTL box in a RTL block, when the caret is at the right
boundary of the box and we are looking for the word boundary in right and next box is RTL box.

An experimental granularity is introduced, as a side effect, functions having switch statements
to handle those granularities have to add more one case to handle this new granularity.
The experimental granularity is exposed though JS by '-webkit-visual-word".

The overall algorithm is looping through inline boxes visually and looking
for the visually nearest word break position.

Introduce a new StringWithDirection object that carries a String along
with the TextDirection associated with the String. Use this object for
document titles used within WebCore, because in HTML the direction of
a title can be set with the 'dir' attribute.

Put FIXMEs at the WebKit level to expose the new direction information
to clients.

No behavioral change intended, so no new tests. A follow-up will expose
the title direction and hopefully can be accompanied by tests that
verify it is correct.

Stub out NPAPI support for platform and OS combinations that are
not supported yet. Ancestor patch was made by Laszlo Gombos.

GNUmakefile.am: Add NetscapePluginModuleNone.cpp and NetscapePluginNone.cpp
to the build system.

Shared/Plugins/Netscape/NetscapePluginModule.cpp:
Remove the sanity check because from now all combinations that
don't have an explicitly set plugin architecture fall into
the PLUGIN_ARCHITECTURE(UNSUPPORTED) category and has a stubbed
implementation.

config.h: Introduce PLUGIN_ARCHITECTURE(UNSUPPORTED) as another
option. Make platform and OS combinations that are not supported
yet fall into this. Don't use Q_WS_X11 to test the window system
for Qt because it is not defined without including <QtGlobal>.
No clue about how could it work so far.

The changes of some CSS related SVGFilter properties e.g. lighting-color, flood-color, flood-opacity
need only repaint. To avoid the default invalidation of filters in SVGResourceCache::clientStyleChange()
we need an early return. So RenderSVGResourceFilterPrimitive::styleDidChange() can handle these properties
via RenderSVGResourceFilter::primitiveAttributeChanged() the same way like we do it for the other SVGAttributes.

Testing inherited CSS related SVG property changes by FEFlood, FESpecularLighting and FEDiffuseLighing filters.
Adding a missing test to check the dynamic update of lighting-color property of FESpecularLighting.
All the other modifications are covered by the existing dyanmic-update tests.

Factors out a JavaField interface which does not use JNI types.
This will allow the Java bridge to be used with objects that
don't use JNI directly. The existing jobject-backed
implementation is moved to a new JavaFieldJobject class which
implements the interface.

Use WTF::String in place of JavaString in the API, as JavaString
exposes JNI types in its interface.

This bug results in an ASSERT fail in CompositeEditCommand::insertNodeAt, so is only observable in debug builds
of WebKit.

editing/DeleteSelectionCommand.cpp:
(WebCore::firstEditablePositionInNode):
(WebCore::DeleteSelectionCommand::removeNode): Use firstEditablePositionInNode rather than firstPositionInNode
to find anchor node for the placeholder's position, if any.